Record-breaking numbers of DDoS attacks in first half of 2020
Cybercriminals have launched a record number attacks on online platforms and services this year, with more than 929,000 DDoS attacks occurring in May, the single largest number of attacks ever seen in a month.
The latest threat intelligence report from NETSCOUT also reveals that 4.83 million DDoS attacks occurred in the first half of 2020, a 15 percent increase, and attack frequency jumped 25 percent during the peak pandemic lockdown months of March through June.
Half of organizations experience remote work security incidents
Between March and July 2020, almost half of companies experienced a data breach or security incident according to a new report, and half of these were caused by phishing attacks.
The study from Tessian also reveals that 82 percent of IT leaders think their company is at greater risk of phishing attacks when employees are working away from the office.
Microsoft issues warning about actively exploited Zerologon vulnerability in Windows
It is just days since the CISA (Cybersecurity and Infrastructure Security Agency) issued an emergency warning about a critical Windows vulnerability. Now Microsoft has issued a warning that the vulnerability is being actively exploited and the company is "actively tracking threat actor activity".
The Netlogon EoP vulnerability (CVE-2020-1472) is concerning not just because of its severity, but because of the fact that it can be exploited in a matter of seconds. The security issue affects Windows Server 2008 and above, and enables an attacker to gain admin control of a domain.
Moving business securely to the cloud [Q&A]
A large majority of enterprises are now using the cloud, but moving to cloud-based solutions inevitably presents challenges, not least in security.
We spoke to Sam Humphries, Security Strategist at SIEM (Security Information and Event Management) specialist Exabeam to get her views.
Security awareness training needs to be interesting to be effective
A new survey of 1,000 US employees has found that boring security awareness training doesn't make them want to be secure.
The study conducted by Osterman Research for MediaPRO shows that employees get far more benefit out of interesting and engaging training, which shouldn't really surprise anybody.
Building on existing networks risks exposes 5G to old risks
Today's 5G networks mostly rely on the infrastructure of previous-generation 4G LTE networks. The non-standalone architecture has proved a quick way to provide subscribers with 5G access, however, this also exposes both the next-generation network and 5G subscribers to the same threats as older networks.
A new white paper from Positive Technologies details how mobile network operators (MNOs) who have already begun upgrading to 5G networks can migrate from previous generation networks without exposing themselves and their subscribers to existing and new risks.
How BEC attacks have adapted to the pandemic [Q&A]
Business Email Compromise (BEC) attacks are increasingly used by attackers as a way of targeting organizations. New research from Abnormal Security indicates that these attacks have adapted to the pandemic, with Zoom becoming the most impersonated brand and COVID-themed attacks surging.
We spoke to Evan Reiser, CEO of Abnormal Security to find out more about what’s been happening and what trends we can expect to see as the year progresses.
80 percent of organizations have experienced a third-party breach
Organizations are suffering from a lack of visibility into their supply chain and 8 percent experienced a breach that originated from vulnerabilities in their vendor ecosystem in the past year.
A new report from cybersecurity services company BlueVoyant, based on research carried out by Opinion Matters, shows that only 22.5 percent of organizations monitor their entire supply chain and just 32 percent re-assess and report their vendor’s cyber risk position either six-monthly or annually.
New offering aims to simplify cyber insurance for small and medium businesses
With cyberattacks increasing in volume and new types of incidents occurring, businesses need protection for everything from network intrusion to ransomware and all the things in between.
Many organizations are turning to cyber insurance to provide cover for dealing with incidents and their aftermath, but a recent report shows that many are put off by not understanding levels of exposure, amount of cover, and by cost.
Cyber attacks target video game companies and players
High volumes of attacks have targeted video game companies and players between 2018 and 2020, with an inevitable uptick in attack traffic that correlates with COVID-19-related lockdowns.
A new report from Akamai shows that game players themselves are subjected to a steady barrage of criminal activity, largely through credential stuffing and phishing attacks.
Analysis of attacks reveals the top threats to cloud computing
Moving systems to the cloud offers many benefits for organizations, but it also opens up a new range of threats.
The Cloud Security Alliance has released a new report looking at case study analyses of recent attacks and data breaches to promote understanding of how attacks work and how they can be successfully mitigated.
Cyberwarfare could be an imminent threat to organizations
Cyberwarfare is a threat to their organization according to 71 percent of CISO, yet just over a fifth (22 percent) admit to not having a strategy in place to deal with this risk.
However, Bitdefender's latest global study shows that the threat is being taken seriously, with 51 percent and 48 percent respectively stating that they believe they will need a strategy against cyberwarfare in the next 12-18 months.
Cybersecurity pros use their own free time to update their skills
By 2021, it's estimated that more than four million job openings in cybersecurity will be unfilled. Cybersecurity career development platform Cybrary has conducted a skills gap survey of more than 800 security and IT professionals in order to understand growing skills gap.
Among key findings are that 68 percent of respondents say they have to invest their own free time -- either before and after work (48 percent) or at weekends (20 percent) -- to improve their cyber skills.
CISA issues emergency warning over critical Windows vulnerability
Cybersecurity and Infrastructure Security Agency (CISA) has taken the extraordinary steps of issuing an emergency alert about a critical vulnerability in Windows.
CISA issued the warning to government departments, saying it "has determined that this vulnerability poses an unacceptable risk to the Federal Civilian Executive Branch and requires an immediate and emergency action". With Emergency Directive 20-04, the CISA requires agencies to install the August 2020 Security Update to mitigate against a vulnerability in Microsoft Windows Netlogon Remote Protocol.
85 percent of CISOs admit sacrificing security to enable remote working
While the pandemic has driven a shift to remote working, a new report from cyber security vendor Netwrix shows that that 85 percent of CISOs admit they've sacrificed cybersecurity to enable it to happen.
One in four organizations feels that they are exposed to more risks than before the pandemic. Of these, 63 percent report an increase in the frequency of cyberattacks and 60 percent have found new security gaps as a result of the transition to remote work.
© 1998-2025 BetaNews, Inc. All Rights Reserved. About Us - Privacy Policy - Cookie Policy - Sitemap.